VPN troubles (SOLVED)

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
cabwav
Posts: 2
Joined: Tue Apr 18, 2017 7:18 pm

VPN troubles (SOLVED)

Post by cabwav » Tue Apr 18, 2017 8:21 pm

Hello. Can someone please help me with the configuration of a SoftEther VPN link.

I would like to set up a VPN connection between my home network and the network at our offices. I am using SoftEther VPN client manager (ver 4.22 build 9634) on a Windows10 PC to connect to a NAS at our offices that is running the VPN server software.

Initially, I was successful in establishing a working VPN connection between my home network (with a DHCP IP address range 10.0.0.xx) and our office (with IP address range 192.168.178.xx). Network discovery was a bit slow, but shared (Samba) folders were visible with File Explorer/Network.

Other users were also able to access these shared folders, but they were complaining that they had problems with sending mail. It turned out that their local network used the same IP adress range as the address range at out offices. They also used a different internet provider (my internet provider is the same as the provider at our offices). I suspected that their mail was sent via the VPN link, using the internet provider at our offices, because when they disconnected the VPN link they had no trouble sending mail. I suspect that two modem/routers with the same IP address 192.168.178.1, and both of them DHCP servers is also a problem.

In trying to solve this, I changed the DHCP IP address range at our offices to 192.168.5.xx.
But now the shared folders at our offices are not visible anymore in File Explorer in my home network, and I cannot access these folders. The NAS at the office responds to 'pinging' so I assume that the VPN link is OK.

Further, the status of my network adapter changes from 'Network' (status IPv4 connectivity=Internet) to 'Unidentified network' (status = no Internet access) as soon as the VPN link is connected.

I would appreciate your help here: what am I missing? What do I have to do to allow home users access to shared folders on the NAS at our offices, but without the mail problems? Is it possible to only make the shared folders on the NAS 'visible' to home users, and at the same time 'shield off' the rest of the office network (especially the modem/router)?

Thanks in advance. Please excuse my English, I am not a native speaker.

cabwav

EDIT: apparently it took some time for the folders of the office NAS to show up in File Explorer/Network, but I can see (and access) them now. But I still suspect that my mail is sent using the modem/router and internet provider located at the office. If that is correct, how can I prevent that?
Last edited by cabwav on Wed May 10, 2017 10:32 am, edited 1 time in total.

colapig
Posts: 148
Joined: Tue Oct 14, 2014 5:36 am

Re: VPN troubles

Post by colapig » Wed Apr 19, 2017 4:39 am

seems the vpn server would building the routing table

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: VPN troubles

Post by thisjun » Wed May 10, 2017 7:21 am

Please increase value of VPN NIC interface metric.

cabwav
Posts: 2
Joined: Tue Apr 18, 2017 7:18 pm

Re: VPN troubles

Post by cabwav » Wed May 10, 2017 10:32 am

Thank you thisjun, that was indeed the cause of the problem. It turns out that the SoftEther virtual adapter has metric '1' as a default. The result is that an internet connection is always made via the network that the VPN-link connects to. If the other network uses a different internet provider than the provider that is used for your own local network, you can't send mail. I increased the metric of the VPN link to 100, and the metric of my local LAN adapter to 5. That 'forces' Windows to select the adapter with the lowest metric setting to make an internet connection, and now mail is sent via the user's own local network / router.
I also changed the DHCP address range on the office network, so that probably helped too.

Thanks again, kudos

CABWAV

og1
Posts: 15
Joined: Sun Nov 12, 2017 11:08 pm

Re: VPN troubles (SOLVED)

Post by og1 » Tue Dec 05, 2017 7:35 am

I would not have believed this (the higher metric on the VPN virtual adapter in Windows 10), if I didn't see it with my own eyes fix my own issue.

You all have no idea how many hours this has cost me. Referring, to changing the metric of the VPN virtual adaptor to a high value, in my case I had to change it to 20 or above to fix the unidentified network, no Internet access issue after I finally got the Windows client to make a proper port forwarded connection behind the firewall NAT to the SoftEther VPN server.

SoftEther is very difficult to use in my view (unfortunately, I'm worried it's not ready for trust running a business on, even for a few people). Took all day just to get the Windows Client connecting to a VPN Server running on VirtualBox (bridge mode virtual adapter).

Now back to trying to get the Windows IPSec and the MacOS IPSec clients to work. Why those clients aren't connecting I have no idea (same no Internet access issue after VPN connection on Windows, but still working on fixing it). I've also researched that all day and many other people with the same issues with IPSec seem to have given up trying to get the IPSec to work.

Does SoftEther's development team (the project is open source from what I'm reading) have this "No Internet Access after VPN connect, and higher metric workaround" issue for the Windows Client on the "to-fix list"?

Most people that use computers and are being encouraged to use VPNs for security, etc. would have absolutely no chance to be able to fix this issue! (wouldn't know where to start looking to fix the issue)

Post Reply